Endian Firewall Community is a "turn-key" Linux security distribution that turns a system into a full-featured security appliance with Unified Threat Management (UTM) functionality. The software has been designed with usability in mind and is very easy to install, use and manage, without losing its flexibility. The features include a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of web traffic and a "hassle-free" VPN solution (based on OpenVPN). The main advantage of Endian Firewall is that it is a pure open source solution that is sponsored by Endian.
Tunnelblick is a simple graphical user interface for the VPN software OpenVPN 2.0 and higher. It is written in Cocoa and ships as a ready-to-use distribution with all necessary binaries and drivers.
Vyatta software is a Linux-based, open-source networking (router, firewall, VPN) solution that leverages x86 hardware and components to deliver a flexible, affordable alternative to Cisco 1800 through 7200 series routers. Vyatta is an enterprise-class, commercial open source offering with a staff of full-time engineers and support personnel.
IPFire is a newly developed firewall built with the latest Linux 2.6 releases and tools. A large number of add-ons can be installed, turning the firewall into a home server as well.
Two-factor authentication from WiKID
The WiKID Strong Authentication System is a public key-based two-factor authentication system. It is a flexible, extensible and secure alternative to tokens, certificates and passwords. Application support includes Java, Windows, PHP, Ruby, Python, SugarCRM, webmail, OpenVPN, LDAP, TACACS+, etc. Open source token clients include a J2SE client and a Firefox extension (in beta).
The token client encrypts the user's PIN with the WiKID server's public key and sends it to the server along with a one-time-use AES key. If the PIN is correct, the account is active and the encryption is valid, a one-time password is generated (via Java random), encrypted with the token client's public key and the AES key, and returned.
If the security domain is configured for HTTPS mutual authentication, a hash of the valid SSL certificate and the URL are also sent with the OTP. The token client fetches the SSL certificate from the URL and hashes it. If the hashes match, the URL is presented as valid and the default browser is launched to the verified website. This prevents man-in-the-middle (MITM) attacks against web applications, since a proxy interposed between the user and the site cannot present the registered certificate.
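The certificate-hash comparison described above, modelled as an added example. This is not WiKID's own code: the server and client roles are collapsed into two plain functions, the certificate bytes are constructed stand-ins for DER blobs, SHA-256 is assumed as the hash, and the certificate fetch is an injected callable so the example runs offline (a real client would pull the peer certificate from a TLS connection instead).

```python
"""Added example: mutual authentication by certificate fingerprint.

Not WiKID's code. Constructed certificates, an assumed SHA-256 digest and an
injected fetch hook stand in for the real network and crypto plumbing.
"""
import hashlib
import hmac
from typing import Callable, NamedTuple


class OtpResponse(NamedTuple):
    """What the token client receives for a mutual-authentication domain."""
    otp: str
    url: str
    cert_hash: str  # hex digest of the DER certificate registered on the server


# Constructed stand-ins for DER-encoded certificates (real ones are ASN.1 blobs).
GENUINE_CERT = b"constructed DER bytes of the certificate for vpn.example.com"
ATTACKER_CERT = b"constructed DER bytes presented by an interposed MITM proxy"


def cert_fingerprint(der: bytes) -> str:
    """Hash of the raw certificate; SHA-256 is an assumption for this example."""
    return hashlib.sha256(der).hexdigest()


def server_build_response(otp: str, url: str, registered_cert: bytes) -> OtpResponse:
    """Server side: send the OTP together with the URL and the hash of the
    certificate the administrator registered for that URL."""
    return OtpResponse(otp=otp, url=url, cert_hash=cert_fingerprint(registered_cert))


def client_verify_site(resp: OtpResponse, fetch_cert: Callable[[str], bytes]) -> bool:
    """Token-client side: fetch the certificate the URL actually presents, hash
    it and compare in constant time with the hash the server vouched for."""
    presented = fetch_cert(resp.url)
    return hmac.compare_digest(cert_fingerprint(presented), resp.cert_hash)


def login_decision(resp: OtpResponse, fetch_cert: Callable[[str], bytes]) -> str:
    """Only a matching fingerprint lets the client present the URL as valid."""
    if client_verify_site(resp, fetch_cert):
        return f"open {resp.url} and enter OTP {resp.otp}"
    return "certificate mismatch: do not open URL, do not enter OTP"


if __name__ == "__main__":
    resp = server_build_response("483920", "https://vpn.example.com/login", GENUINE_CERT)
    # Legitimate site: the fetched certificate is the registered one.
    print(login_decision(resp, lambda url: GENUINE_CERT))
    # MITM proxy: it must present its own certificate, so the hashes differ.
    print(login_decision(resp, lambda url: ATTACKER_CERT))
```

The check only holds if the hash travels inside the encrypted OTP response, as the paragraph above describes; a fingerprint fetched over the same untrusted channel as the certificate would verify nothing. In a real client, fetch_cert would be the DER form of the TLS peer certificate (in Python, ssl's getpeercert(binary_form=True)).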
Documentation
We have recently published a number of how-tos:
Add two-factor authentication to Ruby
Add two-factor authentication to PHP
How to use Radius for two-factor authentication with Apache
How to prevent phishing with mutual authentication
Secure SSH with two-factor authentication
How to configure OpenVPN for WiKID
Description
The OpenVPN Auth-LDAP Plugin implements username/password authentication via LDAP for OpenVPN 2.x.
Features
User authentication against LDAP. Simple Apache-style configuration file. LDAP group-based access restrictions. Integration with the OpenBSD packet filter, supporting adding and removing VPN clients from PF tables based on group membership. Tested against OpenLDAP, the plugin will authenticate against any LDAP server that supports LDAP simple binds, including Active Directory.
Building
Requirements:
OpenLDAP headers and library
GNU Objective-C compiler
OpenVPN plugin header (included with the OpenVPN sources)
re2c (used for the configuration file lexer)
To build, configure the sources appropriately. Example:
./configure --prefix=/usr/local --with-openldap=/usr/local --with-openvpn=/usr/ports/security/openvpn/work/openvpn-2.0.2
The module will be built as src/openvpn-auth-ldap.so and installed as ${prefix}/lib/openvpn-auth-ldap.so.
Usage
Add the following to your OpenVPN configuration file (adjusting the plugin path as required):
plugin /usr/local/lib/openvpn-auth-ldap.so "<config_file>"
The quoted argument (<config_file> above) must be the path to an auth-ldap configuration file. An example configuration file is provided with the distribution, or see the Configuration page.
Security
Please report all security issues directly to landonf+security (at) bikemonkey (dot) org.
Through extensive unit testing, valgrind and regression testing, we are confident in the overall code quality of the plugin. There has been one security vulnerability to date, due to a misinterpretation of the LDAP RFCs.
2006-12-02: OpenVPN Auth-LDAP would accept empty passwords when validating against Novell Directory Server. This is known not to affect default installs of OpenLDAP (our test platform). A strict implementation of the LDAP RFCs requires that a directory server treat a bind with a valid DN and an empty password as an "anonymous" bind, which succeeds without checking any credential. If anonymous binds are enabled, passing an empty password straight through to the bind therefore lets a client authenticate as any user whose DN it knows.
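The bypass above and the fix for it, as an added example. This is not the plugin's Objective-C code: the directory server is a constructed in-memory stand-in that follows the RFC behaviour described (DN plus empty password is treated as an anonymous bind), the DN template is assumed, and the two authentication functions show the pre-fix and post-fix logic side by side. The same pre-bind check applies to any client that calls an LDAP simple bind with user-supplied credentials.

```python
"""Added example: empty-password bypass via anonymous LDAP bind, and the fix.

Not the plugin's own code. The directory below is a constructed stand-in for a
server that follows the LDAP RFCs strictly; the DN template is an assumption.
"""
from typing import Callable, Dict

# (dn, password) -> True if the bind succeeded
BindFn = Callable[[str, str], bool]


def make_directory(anonymous_bind_allowed: bool, passwords: Dict[str, str]) -> BindFn:
    """Constructed directory server. Per the LDAP RFCs, a bind request that
    carries a DN but an empty password is an *anonymous* bind: it succeeds
    whenever anonymous binds are enabled, regardless of the DN's real password."""
    def bind(dn: str, password: str) -> bool:
        if password == "":
            return anonymous_bind_allowed
        return passwords.get(dn) == password
    return bind


def user_dn(username: str) -> str:
    """Map the OpenVPN username to a DN (assumed template for the example)."""
    return f"uid={username},ou=People,dc=example,dc=com"


def auth_vulnerable(bind: BindFn, username: str, password: str) -> bool:
    """Pre-2006-12-02 behaviour: hand the credentials straight to the bind and
    trust its result. An empty password becomes an anonymous bind that 'succeeds'."""
    return bind(user_dn(username), password)


def auth_fixed(bind: BindFn, username: str, password: str) -> bool:
    """Hardened: refuse an empty password locally before any bind is attempted,
    so a successful anonymous bind can never be mistaken for a user bind."""
    if not password:
        return False
    return bind(user_dn(username), password)


if __name__ == "__main__":
    directory = make_directory(
        anonymous_bind_allowed=True,
        passwords={user_dn("alice"): "correct horse battery staple"},
    )
    print("vulnerable, empty password:", auth_vulnerable(directory, "alice", ""))
    print("fixed, empty password:     ", auth_fixed(directory, "alice", ""))
    print("fixed, right password:     ",
          auth_fixed(directory, "alice", "correct horse battery staple"))
```

Note that the bypass only appears when the directory permits anonymous binds, which is why default OpenLDAP test installs did not expose it; the client-side check is still the right fix, because an authenticator should not depend on a server setting it does not control.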
The OpenVPN Auth-LDAP Plugin implements username/password authentication via LDAP for OpenVPN 2.x. It also includes some integration with the OpenBSD packet filter, supporting adding and removing VPN clients from PF tables.